lprimak commented on code in PR #186: URL: https://github.com/apache/shiro-site/pull/186#discussion_r1463870353
########## src/site/content/configuration.adoc: ########## @@ -439,40 +439,33 @@ Each line in the [users] section must conform to the following format: [#Configuration-INIConfiguration-Sections-users-EncryptingPasswords] ===== Encrypting Passwords -If you don't want the [users] section passwords to be in plain-text, you can encrypt them using your favorite hash algorithm (MD5, Sha1, Sha256, etc.) however you like and use the resulting string as the password value. By default, the password string is expected to be Hex encoded, but can be configured to be Base64 encoded instead (see below). +Since Shiro 2.0, the `[users]` section cannot contain plain-text passwords. Review Comment: Is this actually true? I seem to remember this plain-text passwords work in shiro 2 at the moment -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@shiro.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
